Zak Mc Kracken wrote:
> Hi Nicklas,
> in reply to your message below. I am working with Olivier on the issue. 
> To me it seems we're stuck on it, I still cannot understand if/how it's 
> possible to do this:
> - A search web service we have written is invoked with certain parameters
> - The ws searches inside BASE and returns a list of URLs. Every URL is 
> about an experiment that matches the search parameters/criteria 
> (actually experiment titles are returned too). Every URL is supposed to 
> automatically open an experiment page in the BASE web interface. We also 
> would like that the URL makes BASE to automatically login a "guest" user 
> (experiments we decide to make publicly visible will be made accessible 
> to this user), with just the initial click of the real end user on the URL.
>  From previous messages in this mailing list, I understand that BASE 
> doesn't allow to keep open multiple user sessions from multiple IPs, so 
> this could be a problem re. what I've described. Or did I get it wrong?

BASE is a multi-user enironment and it is possible to have multiple
users logged on at the same time. The users may be on different ip
addresses or on the same address. In fact, a single person may have
multiple browser windows open, each logged in to a different BASE
account or even to the same account. What matters is that each browser
window has it's own unique session id.

The session id is more or less a replacement for session cookies that a
lot of other web sites uses. The first prototype of BASE 2 actually used
a session cookie, but we made a policy decision to not use cookies and
that is why the session id is sent as part of the URL. The added benefit
of this is that a single user may have multiple browser windows open
each with their own session id. But just as session cookies can't be
shared between users neither can the session id be shared.

> An alternative for us could be that the end user has its own BASE 
> account, he/she provide us with it and we pass it to the web service (or 
> report it in the experiment's URL).
> You may already have guessed that the web service will be invoked by 
> another web application:
> and that the returned URLs will be put in this application.
> Is there a way to do what I described above? It's strange we cannot find 
> an answer to that.

No it is not strange because BASE was never intended to be used in that
way. If you want to do something like what you describe you need to
manage the session id's in your web service application. For each new
user that performs a search a new session id is needed. As I see it
there are two possible ways to create new session ids:

1. Your web service application does this on its own and keeps track of
used/active ones so that duplicates are not generated. When the user
clicks a link he/she is asked to login to BASE.

2. Your web service application uses BASE to create a new SessionControl
and login using the "guest" account. Use the id from the session control
in the link and the user doesn't have to login when it is clicked. Note
that your web service application needs to set the proper remote id on
the session control, otherwise the "Invalid remote id" message will popup.

Hope this helps.


This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers 
basedb-devel mailing list

Reply via email to